At Consensus 2018 today, a group of regulators took the stage with Bittrex CSO Kiran Raj. It went exactly as one would expect. There were no new revelations. Only a lot of nice sounding talk about protecting investors without hampering innovation.

Which sounds nice. But as was the case in 2016 when I wrote about the Blockchain Summit in Washington D.C. regulators are still taking a reactive approach and are ignoring what is coming down the pipeline.

In addition to Raj, the panel included Robert A. Cohen of the Securities Exchange Commission (SEC), James McDonald of the Commodity Futures Trading Commission (CFTC), Sujit Raman of the U.S. Department of Justice (DOJ) and was moderated by Steve Bunnell, Chair of Data Security and Privacy Practice and the interim Chief Legal Officer of Bittrex.

The first half of the panel was spent talking to each regulator and asking them what their authority covers and their focus. Virtually nothing they said was surprising. The CFTC is interested in Bitcoin futures and other derivatives. The FCC wants to encourage capital growth but also maintain fair markets and protect investors. The DOJ is interested in criminal cases. The SEC is primarily focused on issues of fraud.

All of the agencies stressed that they don’t want to scare off legitimate innovations and that making a good faith effort to comply by communicating with regulators will go a long way.

Raj, as the sole representative of the industry, stressed the need for clear regulations. He argued that most companies want to comply but with the various agencies and patchwork regulation that started in the 1940s, it can be difficult to understand what regulations need to be followed.

But, these regulations are solutions made for the past, that barely apply today and won’t apply at all in the future. Dapps are more popular than ever. Far more popular than when I wrote about the regulator’s similar tone deafness back at the DC Blockchain Summit. Dapps are coming, and they have the potential to circumvent most of the regulations they are working hard to enforce.

At least back in 2016, Dapps were still a future concern. Augur was the only one of note that had launched and OpenBazaar was just entering its TestNet phase. But today, thanks to Ethereum and similar projects, Dapps are a dime a dozen. There are completely decentralized exchanges (albeit ones that are too slow for high volume trading). OpenBazaar has launched in earnest. Everywhere you look, someone is touting their Dapp as the next big thing.

Sure, it is nice to know that the SEC is focused on fraud. But we already knew that. They have been taking down Ponzi schemes like Paycoin for years. What would have been far more interesting to me, and I suspect most of the audience, is what they are going to do when schemes become decentralized, when money laundering dapps are commonplace. What is their plan? Go after users? Go after the code creator? Make downloading the software illegal?

These are the issues that regulators would be smart to address now, rather than when these technologies are being used by thousands of people. Not that some future regulation would be capable of reigning in Dapps, but it would still be nice to know if they have a plan and what that plan entails.

But given that they seemingly haven’t even acknowledged their existence publicly, the crypto community is left to assume one conclusion: they don’t have a plan.

Surely, by this point, they must be aware of Dapps. The fact that they attended Consensus means they have undoubtedly been assaulted with marketing materials and speeches for hybrid exchanges like IDEX and applications like CryptoKitties. By now the DOJ has heard of OpenBazaar. Are they not aware that a copycat project could easily become a decentralized Silk Road?

This point was brought up by Shapeshift’s COO in a later talk “CHANGES AT EXCHANGES, TRADERS IN THE CROSSHAIRS” and was addressed slightly by European Parliament member Antanas Guoga. But as far as U.S. Regulators go, we are still left in the dark.

Perhaps by ignoring the elephant in the room, they hope the criminals will ignore it too and continue to use more traditional systems. But that will only last as long as the regulators are slow to crack down on people and companies who break their regulations. Once it becomes too risky to run a scam or underground marketplace in the traditional matter, creators are sure to look for safer solutions.

Let’s say that the SEC decides that CryptoKitties are an unregistered security. They come down hard on them. Only part of CryptoKitties is decentralized. So, the regulators could come, shut down the web app, shut down the website and arrest the creators. But there would still be these CryptoKitties out in the wild. Individual users would still hold them, just like Paycoins still exist. Unlike Paycoin, Cryptokitties actually have a use and it stands to reason holders would want to continue using, breeding and trading them.

How long would it be before someone creates a new website and new combining algorithm in a decentralized matter? What would the SEC’s plan of action be then? Would they declare holding CryptoKitties illegal and attempt to regulate them in the same way the DOJ regulates heroin?

There was no Q&A session for the panel, which is a shame because I think the question would have been asked. Instead, they patted each other on the back about how much clearer the regulation of cryptocurrency is now than a few years ago. That’s great. But the future is just around the corner and the only thing this chat taught me was that they are woefully unprepared, just like they were in 2009 when Bitcoin launched.